Anchor Eiop tunnel problem 5.2
Hi,
were using two dmz WLCs for "guest-Access" - one is designated for an Hotspot and one for a direct dmz access. The internal wlc uses the management-interface as interface in the wlan-config and the internal wlc has all accesspoints directly connected and have the same configuration as the dmz wlcs and both ssids are active. Between the inside and outside wlcs we have differend subnets routers and also checkpoint firewall clusters - but no NAT. All Wlcs are in the same mobility group.
The problem is, that under some condition the mobility feature hangs up ! The internal WLC authenticates the client and give him full access (including IP) but the client can not ping or connect to any device behind the eiop tunnel.(in the DMZ) That problem occurs to both DMZ WLCs. On the wcs i can see that there was a short interrupt of the ancor-tunnels but the alarm disappears. While the client can't forward any traffic a debug mobility or an mobility ping works fine and shows no problems (a lot of keepalives from all wlcs)! The only way to get the tunnel working for traffic-forwarding is to reboot the external wlcs in the DMZ. Rebooting the internal won't help!
Do you have any information or suggestion what can causes that kind of problem ? Is there any debug command wehere i can detect the problem ?
Thanks, Dennis
I am just wanting to verify that all controllers are on the same version of code. A mismatch between an older 5.1 controller or before my result in a problem establishing the tunnel because of the 2 different protocols being used to talk between the AP and the controllers. 5.1 and before is LWAPP 5.2 and later is CAPWAP I believe.
Similar Messages
-
GUest WLAN with Anchor WLC - roaming problems
Hello,
my wireless network consists in 3 WLC 4402 which manage 40 APs.
I have a fourth WLC which I installed on my DMZ for guest vlan anchoring and web autentication.
Everiting works fine but I have a problem:
If my client associates with an AP and then I authenticate I'm ready to make traffic. As soon as my client roams to an AP managed by a differnt WLC I need to authenticate again. If I roam back to the first AP i need to reauthenticate.
In my guest WLAN I use WEB authentication provided by the internal web server of the Anchor WLC.
Thnks everybodyHere are the output of show mobility summary.
The last WLC is the anchor.
WLC1
Symmetric Mobility Tunneling (current) .......... Disabled
Symmetric Mobility Tunneling (after reboot) ..... Disabled
Mobility Protocol Port........................... 16666
Mobility Security Mode........................... Disabled
Default Mobility Domain.......................... mob1
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x392f
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 2
Mobility Control Message DSCP Value.............. 0
Controllers configured in the Mobility Group
MAC Address IP Address Group Name Multicast IP Sta
tus
00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
00:23:04:7d:73:20 10.20.1.21 mob1 0.0.0.0 Up
WLC2
Symmetric Mobility Tunneling (current) .......... Disabled
Symmetric Mobility Tunneling (after reboot) ..... Disabled
Mobility Protocol Port........................... 16666
Mobility Security Mode........................... Disabled
Default Mobility Domain.......................... mob1
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x392f
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 2
Mobility Control Message DSCP Value.............. 0
Controllers configured in the Mobility Group
MAC Address IP Address Group Name Multicast IP Sta
tus
00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
00:23:04:7d:62:a0 10.20.1.22 mob1 0.0.0.0 Up
WLC3
Symmetric Mobility Tunneling (current) .......... Disabled
Symmetric Mobility Tunneling (after reboot) ..... Disabled
Mobility Protocol Port........................... 16666
Mobility Security Mode........................... Disabled
Default Mobility Domain.......................... mob1
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x392f
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 2
Mobility Control Message DSCP Value.............. 0
Controllers configured in the Mobility Group
MAC Address IP Address Group Name Multicast IP Sta
tus
00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
00:23:04:7d:79:80 10.20.2.21 mob1 0.0.0.0 Up
WLCAnchor
(Cisco Controller) >show mobility summary
Symmetric Mobility Tunneling (current) .......... Disabled
Symmetric Mobility Tunneling (after reboot) ..... Disabled
Mobility Protocol Port........................... 16666
Mobility Security Mode........................... Disabled
Default Mobility Domain.......................... mob1
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x392f
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 4
Mobility Control Message DSCP Value.............. 0
Controllers configured in the Mobility Group
MAC Address IP Address Group Name Multicast IP Sta
tus
00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
00:23:04:7d:62:a0 10.20.1.22 mob1 0.0.0.0 Up
00:23:04:7d:73:20 10.20.1.21 mob1 0.0.0.0 Up
00:23:04:7d:79:80 10.20.2.21 mob1 0.0.0.0 Up -
Hi all ,
I need create VPN tunnels between two ASAs devices . And these devices are connected through DSL . And as you know in this case we use private outside IP address , because there is a NAT device at the outside . The problem is that no VPN tunnel is created even though all the parameters and the pre-shared-key are typical .I hve allready configured following configuration.
no crypto map newmap interface outside
no crypto map newmap 171 set peer 195.11.199.144
no isakmp key ********* address 195.11.199.144 netmask 255.255.255.255 no-xauth no-config-mode
crypto map newmap 171 set peer 195.11.204.5
isakmp key ******** address 195.11.204.5 netmask 255.255.255.255 no-xauth no-config-mode
clear crypto ipsec sa
clear crypto isakmp sa
crypto map newmap interface outside
Setting were applied successfully however Still VPN tunnel is not been initiated. -
Tunneling Problem using HttpsUrlConnection
Hi,
I had gone through forums regarding this topic and still i am facing the same problem using the HttpsUrlConnection. We are working behind a proxy so we have to make a proxy authorization if we want to connect to a server in the internet.
But in case of HttpUrlConnection, everything works
fine. But if we do the same with a HttpsUrlConnection, the authentication fails. It throws an IOException
with the message
Unable to tunnel through 192.9.100.10:80.
Proxy returns "HTTP/1.1 407 Proxy authentication required"
Sample code as follows,
The following code doesn't have any problem becos it works fine with HttpUrlConnection and also it is working without proxyserver for https as well.
This is running under MSVM.
I don't want to use SSLSocketFactory and i need to use following layout(i.e only with Httpsurlconnection)
Is there any way to make work with proxyserver? Or can't we do this at all?
System.setProperty("proxySet","true");
System.setProperty("https.proxyHost","proxyIP");
System.setProperty("https.proxyPort","80");
OutputStream os = null;
OutputStreamWriter osw = null;
InputStream is = null;
InputStreamReader isr = null;
BufferedReader br = null;
URL url;
String line = null;
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
String login = proxyUserName+":"+proxyPassWord;
String encodedLogin = new sun.misc.BASE64Encoder().encode(login.getBytes());
url = new URL("https://www.verisign.com");
HttpsURLConnection con = null;
con =(HttpsURLConnection) url.openConnection();
con.setRequestProperty("Proxy-Authorization", encodedLogin);
con.setRequestMethod("GET");
con.setDoOutput(true);
con.setDoInput(true);
con.setUseCaches(false);
con.connect();
os = con.getOutputStream();
osw = new OutputStreamWriter(os);
osw.write("SampleMsg");
osw.flush();
osw.close();
is = con.getInputStream();
isr = new InputStreamReader(is);
br = new BufferedReader(isr);
while ( (line = br.readLine()) != null)
System.out.println("line: " + line);
Can any one help me regarding this?I need a reply very urgently.
Thanks,
Prabhakaran RHope this help.
Note to change the properties to fit your system, and use the supported package ( JSSE, JRE1.5.......).
You can use URLConnection for both HTTP or HTTPS protocol.
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.*;
import javax.net.ssl.*;
public class testSSL9 {
public testSSL9() {
byte[] data = httpConnection();
System.out.println(new String(data));
public static void main(String[] args) {
Properties sysprops = System.getProperties();
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
// sysprops.put("java.protocol.handler.pkgs",
// "com.sun.net.ssl.internal.www.protocol");
sysprops.put("java.protocol.handler.pkgs",
"javax.net.ssl.internal.www.protocol");
sysprops.put("javax.net.ssl.trustStore",
"D:/jdk1.4/jre/lib/security/cacerts");
sysprops.put("javax.net.debug", "ssl,handshake,data,trustmanager");
sysprops.put("https.proxyHost", "172.16.0.1");
sysprops.put("https.proxyPort", "3128");
sysprops.put("https.proxySet", "true");
sysprops.put("http.proxyHost", "172.16.0.1");
sysprops.put("http.proxyPort", "3128");
sysprops.put("proxySet", "true");
testSSL9 testSSL91 = new testSSL9();
private byte[] httpConnection() {
try {
URL url = null;
// String strurl = "https://www.verisign.com";
String strurl = "https://central.sun.net";
// String strurl = "http://www.yahoo.com"; --> use: HttpURLConnection
url = new URL(strurl);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
HttpsURLConnection.setFollowRedirects(false);
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setUseCaches(false);
connection.connect();
InputStream stream = null;
BufferedInputStream in = null;
ByteArrayOutputStream bytearr = null;
BufferedOutputStream out = null;
try {
stream = connection.getInputStream();
in = new BufferedInputStream(stream);
bytearr = new ByteArrayOutputStream();
out = new BufferedOutputStream(bytearr);
catch (Exception ex1) {
System.out.println(ex1);
System.out.println("Server reject connection...sory");
int i = 0;
while ( (i = in.read()) != -1) {
out.write(i);
out.flush();
stream.close();
in.close();
bytearr.close();
out.close();
return bytearr.toByteArray();
catch (Exception ex) {
ex.printStackTrace();
return null;
} -
Oracle 9i Web Services Quickstart Install TCP tunneling problem
When I try to run the OTNGUIDGenerator example using the TCP Tunneling portion of the Oracle 9i Web Services Quickstart
Install I get this in the From localhost8900 tunnel window:
<?xml version='1.0' encoding='UTF-8'?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body>
<ns1:getGUID xmlns:ns1="oracle.otn.ws.emarket.OTNGUIDGenerator" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
</ns1:getGUID>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I get this in the From 127.0.0.1:8888 window:
HTTP/1.1 404 Not Found
Date: Mon, 28 Oct 2002 20:38:06 GMT
Server: Oracle9iAS (9.0.2.0.0) Containers for J2EE
Content-Length: 171
Connection: Close
Content-Type: text/html
<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>Resource /j2ee-web/oracle.otn.ws.emarket.OTNGUIDGenerator not found on this server</BODY></HTML>
This is my webservices stub
public class OTNGUIDGeneratorStub
/** public String endpoint = "http://otn.oracle.com/ws/oracle.otn.ws.emarket.OTNGUIDGenerator"; */
public String endpoint = "http://127.0.0.1:8900/j2ee-web/oracle.otn.ws.emarket.OTNGUIDGenerator";
private OracleSOAPHTTPConnection m_httpConnection = null;
public OTNGUIDGeneratorStub()
System.setProperty("oracle.soap.transport.noHTTPClient", "true");
m_httpConnection = new OracleSOAPHTTPConnection();
Properties props = new Properties();
/** props.put(OracleSOAPHTTPConnection.PROXY_AUTH_TYPE, "basic");
props.put(OracleSOAPHTTPConnection.PROXY_HOST, "proxy.scott.af.mil");
props.put(OracleSOAPHTTPConnection.PROXY_PORT, "375");
props.put(OracleSOAPHTTPConnection.PROXY_USERNAME, "fowlerji");
props.put(OracleSOAPHTTPConnection.PROXY_PASSWORD, "F1234567*g"); */
m_httpConnection.setProperties(props);
Not sure what to call the server - this works okay when I'm not using tunneling and using our proxy server??I think your problem is that you have a proxy user/password and the TCP Monitor (both the command line and built-in 9.0.3 version) do not support that - they only support specification of the proxy server itself :-(
It is a feature request that I hope will make it into the late spring/early summer release of JDeveloper - I wrote it up as a request based on the number of folks who faced this issue with these tutorials.
Mike. -
Reverse SSH Tunnel problem?
I'm trying to do a reverse SSH tunnel for a VNC project. I'm successful when I do it on a Linux box or Cygwin under Windows, but I'm having problems under Mac OS.
Here's what I do:
Terminal 1:
ssh -nNTvvv -R 5500:localhost:5500 -l my_username myhost.com
Then, to see what's going on, I run in terminal 2:
nc -l -p 5500
Then, in a third terminal, I ssh over to myhost.com, and telnet to localhost 5500.
If I initiate this whole setup on other platforms, I can then type stuff in my in the third terminal and see it echoed happily in terminal 2.
Under Mac OS, everything goes fine until I do the telnet on myhost.com. The diagnostic in terminal 1 is:
debug1: channel 0: new [::1]
debug1: confirm forwardeded-tcpip
debug3: channel 0: waiting for connection
debug1: channel 0: not connected: Connection refused
It's not a firewall issue, as I can telnet directly to port 5500 on the Mac from myhost.com without any problem.
Google gives me no help here. Any ideas?
Thanks!
12" G4 Powerbook Mac OS X (10.4.8)Figured it out - did a no ip ssh v 2 and hey presto started working
-
I'm trying to simulate a tunnel through a service provider:
I have 3 Routers, which are connected with static routes and are all pinging each other other through serial and fastethernet interfaces.
Router 1 and Router 3 are acting as tunnel endpoints. Router 2 is service provider.
Configurations:
Router 1 Loopbacks:
192.168.2.0
192.168.3.0
192.168.4.0
Router 3 Loopbacks:
192,168.13.0
192.168.14.0
Router 1 and 2: 192.168.8.1 255.255.255.252
Rouer 2 and 3: 192.168.9.1 255.255.255.252
Tunnel is: 10.40.40.1 on R1
10.40.40.2 on R3
Router 1:
Interface Tunnel 0
Tunnel Source: 192.168.8.1
Tunnel Destination: 192.168,9.2
ip route 192.168.9.2 255.255.255.255 192.168.8.2
router eigrp 1
network 192.168.2.0
network 192.168.3.0
network 192.168.4.0
Router 3:
Interface Tunnel 0
Tunnel Source: 192.168.9.2
Tunnel Destination: 192.168.8.1
ip route 192.168.8.1 255.255.255.255 192.168.9.1
router eigrp 1
network 192.168.13.0
network 192.168.14.0
After these configurations I see on both routers 1 and 3 the Tunnels are in up/up and I can ping 10.40.40.1 to 10.40.40.2, but no eigrp router are coming up, what is the problem ??? Is the source and destination ip addresses correct, are my ip route statics correct ?? Please help.
Thanks,
Sergei.
After this configuration I see my Tunnel on both RoterSergei,
Add the tunnel network into your Router EIGRP 1 statements in router 1 & 3. I believe that should do the trick.
router eigrp 1
network 10.40.40.0 -
Hi all,
We have VTI tunnels between Cisco (3825 and 878) and Juniper (SRX3600).
Sometimes tunnel is going down and I should manualy shutdown and no shutdown tunnel interface to bring it up.
This is logs from Cisco:
%%crypto-4-recvd_pkt_inv_spi: decaps: rec'd ipsec packet has invalid spi for destaddr=X.Y.100.200, prot=50, spi=0xc5d07a33(3318774323), srcaddr=X.Y.100.100
%%crypto-4-ikmp_no_sa: ike message from X.Y.100.100 has no sa and is not an initialization offer
X.Y.100.100 is Juniper SRX3600
X.Y.100.200 is Cisco 3825
But I see this logs more often, than tunnel is going down!
So what is problem?
ThanksHello,
this should help #crypto isakmp invalid-spi-recovery
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080bf6100.shtml
Best Regards
Please rate all helpful posts and close solved questions -
Hi,
i created MPLS TE tunnel between three Cisco 2811 series routers and configured that MPLS TE tunnel will reserve 1Mbps of bandwidth.Then I started to send constant 3 Mbps data flow trough the MPLS TE tunnel (everything looks ok: tunnel is up, bandwidth is reserved, all the data flow entering the tunnel). The problem is that data flow leaving the tunnel at 3Mbps rate. Why tunnel dont limit data rate?????The tunnel doesn't do rate-limiting. Bandwidth at the tunnel level is only a control plane feature.
You need to configure admission control on the tunnel headend with CAR or some other form of rate limiting if you want to enforce the tunnel reserved bandwidth.
Hope this helps, -
Hello All,
This is Jay Kishan. I work in Pakistan Petroleum Limited as a Network Associate. There is a little problem that i am facing recently. We have a Head Office in Karachi and a Remote Location is Islamabad. We are connecting them with a Primary DXX Link with an active VSAT Backup Link. As soon as the DXX Link goes down the VSAT Link comes up automatically. But the DXX Provider has introduced a few more non-cisco devices in the middle and now we have to create a tunnel from our ISB 2610 Router to KHI 3661 Router. The reason for creating the tunnel is that we dont want the DXX provider to know our network. But the problem that we have at our hand is that the tunnel never goes down as the interfaces on both the routers are connected to devices that wont go down. But there can be a problem in some other middle device because of which the link may not work. So the situation is that even the DXX Link isnt working the tunnel is still up and the VSAT Backup link doesnt come up. So how can i make sure that if the DXX Link stops working the tunnel could sense it and the VSAT Backup link comes up automatically. I will be very much thankful for any sort of help. Thanks in advance.
Regards,
Jay Kishan
PPLJay
The GRE keepalive is a very nice feature and it does sound like it would solve your problem. It was introduced somewhat recently (I just looked at the notes and it indicates that it was introduced on some platforms in 12.2(8)T and a bit later on other platforms). What platform are you running this on and what version of code?
The configuration is pretty straightforward:
interface tunnel n
keepalive
and it has optional parameters on the keepalive to specify how many seconds and how many retries.
If you router does not have keepalive as a command under the tunnel interface, then that is a good indication that the version of code that you are running does not have this feature. Would it be worth upgrading code to get this feature?
HTH
Rick -
SSL-Tunneling Problem with Stronghold
Hello,
I installed HTTP-Tunneling between a Java-Client and a WLS 4.5.1SP 13
throuch a Stronghold-Server using mod_wl_ssl.so.
But when I'm trying to connect via HTTPS (port 443) to the Stronghold, the
plugin is no longer working correctly. I get the following output in the log
of the plug-in:
--------------Begin--------------
========New Request: [GET
/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=634395
5830116743121 HTTP/1.0] =========
Thu Jan 4 18:46:57 2001 Cookie String missing in the Cookie
Thu Jan 4 18:46:57 2001 queryStr =
wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=6343955830116743121
Thu Jan 4 18:46:57 2001 The request string is
'/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
55830116743121'
Thu Jan 4 18:46:57 2001 After trimming path:
'/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
55830116743121'
Thu Jan 4 18:46:57 2001 Now trying whatever is on the list;
ci->canUseSrvrList = 1
Thu Jan 4 18:46:57 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
Thu Jan 4 18:46:57 2001 general list: trying connect to 'agni'/7002
Thu Jan 4 18:46:57 2001 Connected to agni:7002
Thu Jan 4 18:46:57 2001 Headers from the client [Accept]=[text/html,
image/gif, image/jpeg, *; q=.2, */*; q=.2]
Thu Jan 4 18:46:57 2001 Headers from the client [Host]=[sbcipx:443]
Thu Jan 4 18:46:57 2001 Headers from the client [User-Agent]=[Java1.2.2]
Thu Jan 4 18:46:57 2001 Sending header to WLS [Accept]=[text/html,
image/gif, image/jpeg, *; q=.2, */*; q=.2]
Thu Jan 4 18:46:57 2001 Sending header to WLS [Host]=[sbcipx:443]
Thu Jan 4 18:46:57 2001 Sending header to WLS [User-Agent]=[Java1.2.2]
Thu Jan 4 18:46:57 2001 Sending header to WLS
[X-WebLogic-Force-Cookie]=[true]
Thu Jan 4 18:46:57 2001 Sending header to WLS [WL-Proxy-SSL]=[true]
Thu Jan 4 18:46:57 2001 Sending header to WLS
[Proxy-Client-IP]=[192.168.17.116]
Thu Jan 4 18:46:57 2001 Sending header to WLS
[X-Forwarded-For]=[192.168.17.116]
Thu Jan 4 18:47:12 2001 sysRecv failed, return val = [0] errno=0
errmsg=[Error 0]
Thu Jan 4 18:47:12 2001 Error reading WebLogic Response from agni:7002
Return Value = -1
Thu Jan 4 18:47:12 2001 Marking agni:7002 as bad
Thu Jan 4 18:47:12 2001 Got FAILOVER response from sendRequest... will
retry
Thu Jan 4 18:47:12 2001 Attempting a connect with the forceCookie bit
turned ON : [1]
Thu Jan 4 18:47:12 2001 Now trying whatever is on the list;
ci->canUseSrvrList = 1
Thu Jan 4 18:47:12 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
Thu Jan 4 18:47:12 2001 Request timed out after 10 seconds
Thu Jan 4 18:47:12 2001 Redirecting the error response to the errorPage =
[http://www.finance.ch]
Thu Jan 4 18:47:12 2001 r->status=302 returning 0
Thu Jan 4 18:47:14 2001
---------------End
Any Ideas, what I didn't configured correctly for the stronghold/plug-in/WLS
Thank you
Remo"Remo Schnidrig" <[email protected]> wrote:
Hello,
I installed HTTP-Tunneling between a Java-Client and a WLS 4.5.1SP 13
throuch a Stronghold-Server using mod_wl_ssl.so.
But when I'm trying to connect via HTTPS (port 443) to the Stronghold, the
plugin is no longer working correctly. I get the following output in the log
of the plug-in:
--------------Begin--------------
========New Request: [GET
/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=634395
5830116743121 HTTP/1.0] =========
Thu Jan 4 18:46:57 2001 Cookie String missing in the Cookie
Thu Jan 4 18:46:57 2001 queryStr =
wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=6343955830116743121
Thu Jan 4 18:46:57 2001 The request string is
'/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
55830116743121'
Thu Jan 4 18:46:57 2001 After trimming path:
'/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
55830116743121'
Thu Jan 4 18:46:57 2001 Now trying whatever is on the list;
ci->canUseSrvrList = 1
Thu Jan 4 18:46:57 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
Thu Jan 4 18:46:57 2001 general list: trying connect to 'agni'/7002
Thu Jan 4 18:46:57 2001 Connected to agni:7002
Thu Jan 4 18:46:57 2001 Headers from the client [Accept]=[text/html,
image/gif, image/jpeg, *; q=.2, */*; q=.2]
Thu Jan 4 18:46:57 2001 Headers from the client [Host]=[sbcipx:443]
Thu Jan 4 18:46:57 2001 Headers from the client [User-Agent]=[Java1.2.2]
Thu Jan 4 18:46:57 2001 Sending header to WLS [Accept]=[text/html,
image/gif, image/jpeg, *; q=.2, */*; q=.2]
Thu Jan 4 18:46:57 2001 Sending header to WLS [Host]=[sbcipx:443]
Thu Jan 4 18:46:57 2001 Sending header to WLS [User-Agent]=[Java1.2.2]
Thu Jan 4 18:46:57 2001 Sending header to WLS
[X-WebLogic-Force-Cookie]=[true]
Thu Jan 4 18:46:57 2001 Sending header to WLS [WL-Proxy-SSL]=[true]
Thu Jan 4 18:46:57 2001 Sending header to WLS
[Proxy-Client-IP]=[192.168.17.116]
Thu Jan 4 18:46:57 2001 Sending header to WLS
[X-Forwarded-For]=[192.168.17.116]
Thu Jan 4 18:47:12 2001 sysRecv failed, return val = [0] errno=0
errmsg=[Error 0]
Thu Jan 4 18:47:12 2001 Error reading WebLogic Response from agni:7002
Return Value = -1
Thu Jan 4 18:47:12 2001 Marking agni:7002 as bad
Thu Jan 4 18:47:12 2001 Got FAILOVER response from sendRequest... will
retry
Thu Jan 4 18:47:12 2001 Attempting a connect with the forceCookie bit
turned ON : [1]
Thu Jan 4 18:47:12 2001 Now trying whatever is on the list;
ci->canUseSrvrList = 1
Thu Jan 4 18:47:12 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
Thu Jan 4 18:47:12 2001 Request timed out after 10 seconds
Thu Jan 4 18:47:12 2001 Redirecting the error response to the errorPage =
[http://www.finance.ch]
Thu Jan 4 18:47:12 2001 r->status=302 returning 0
Thu Jan 4 18:47:14 2001
---------------End
Any Ideas, what I didn't configured correctly for the stronghold/plug-in/WLS
Thank you
Remo
As far as I know, HTTPS-Tunneling through NES, APACHE, and IIS
is not supported. You can setup HttpClusterServlet to do HTTPS-
Tunneling.
Jong -
Convert anchor point tool problem
I'm new to illustrator.. when I want to move tangents independently it only works with the first one I grab, the other one disappears, and reappears while I hold the first one.. bug?
1) Both handles reappear and I can move them as I should be able to with the convert tool
2) that also works fine with the direct select tool,I don't even have to convert so that kinda solves my problem
3) when point is converted I can drag handles with the direct select tool
Thx! -
REP-3104: Anchors and matrices problem in Report
I have a master detail report. The detail repeating frame has a set of boiler plates that are diiferent from the master e.g
master lease master address master location master first name master lastname
Then master repeating frame
The detail boiler plates within a frame
Detail lease detail unit detail property detail occupancy. There is a break on detail lease and detai unit
Then detail repeating frame
My question is if there is no corresponding detail for a master then the detail boiler plates should not appear and then next master should occupy the space the detail occupies. I got the first part but when I put accord and try to collapse vertically and getting the error above.
REP-3104: Anchors and matrices cannot be scaled differently from their association objectsHello,
The parameter -install is no more supported when starting the Reports Server :
http://download-uk.oracle.com/docs/cd/B14099_17/bi.1012/b14048/pbr_strt.htm
You can use the following command lines :
rwserver server=rep_training
or
rwserver server=rep_training batch=yes
Regards -
Hi
I was wondering if anybody could help me out here. I have been following the guidelines as per the WLC softweare configuration guide with regards to configuring the internal controller which is pretty straightforward. The mobility anchor is up with the DMZ controller however I am not sure what configuration is required on the DMZ controller itself with regards to DHCP and the Guest WLAN itself. To be honest the documentation is a bit skimpy to say the least.
Any help would be greatly appreciated
Cheers,
MartinMartin,
I share your frustrations with the documentation on the guest access. From what you stated you're having trouble with how guest access mobility is configured with respect to DHCP. Hope this helps.
The first part is well documented. Setup a mobility group between the remote and DMZ controller. Make sure it's up. Now we'll move onto DHCP configuration.
1) On the DMZ controller, configure a DHCP pool for the guest clients. Make sure you build a WLAN and bind it to the proper interface
2) On the remote controller, under your "management" interface set the DHCP server to be the ip address of the management interface on the DMZ controller. Very important!
3) Build the guest WLAN on the remote controller with the same configuration and bind it's interface to the management interface of the remote controller.
Voila... all DHCP requests will now be forwarded to the DMZ anchor.
Anything else I can help with let me know.
-Mike
http://cs-mars.blogspot.com -
ASA ssh,telnet.jar smart tunnels problems
Hi
From my asa I'm trying to gain access to some servers Linux (no local firewalls on them) from the clientless session using the ssh,telnet jar plugin.
The plugin starts and shows the login prompt and then I enter the correct user name and passwords and then I'm left with a black square.
Any suggestions for debugging?
ASA runnig 9.1, the problem is to both Linux boxes and a IOS router.On testing the above even further, I seem to have an issue...
With the following configuration loaded...
aaa-server TLS-ACS5 protocol tacacs+
aaa-server TLS-ACS5 (inside) host 10.0.20.200
key passme123
aaa authentication ssh console TLS-ACS5 LOCAL
aaa authentication telnet console TLS-ACS5 LOCAL
aaa authentication ssh console TLS-ACS5 LOCAL
aaa authentication telnet console TLS-ACS5 LOCAL
aaa authentication enable console TLS-ACS5 LOCAL
With the PIX in communication with the ACS the above works well, with me successfully logging in with credentials added to the ACS.
On testing this further I have taken the link down between the PIX and the ACS (to recreate a failure scenario). I can still login using the internal (LOCAL) username & password. This seems to work fine, however if I try to access the exec-privilege mode (i.e. enable) the PIX does not except the enable password added to the configuration moreover it prefers the same password used for creating the initial user.
username admin-user password adminpass123 encrypted
enable password enablepass123 encrypted
For example; with the above lines in the running configuration of the PIX , I can login into PIX using admin-user and enter the password adminpass123. However, if I try and then go onto access exec-privilege mode (i.e. enable) the PIX does not except the password "enablepass123" put does except "adminpass123"... this is even with "aaa authentication enable console TLS-ACS5 LOCAL" added to the running configuration.
Has anyone else seen this issue on a PIX/FW. Am I missing something from my configuration? Does anyone know of a workaround to this issue or is it just something I have to live with?
Maybe you are looking for
-
Versin iformation for adapter engine is missing in the SLD
Hi, Just imported my Integration Directory changes into receiving PI System and have come to do the manual activation of the change lists that was asked for. When I do I get the activation cancelling with a message that a communication channel ca
-
The addon should display Hebrew date and info on status bar, but it doesn't. Using version V1.0.5.09. I am using Windows 7.
-
Dreamweaver is slow when you add jquery
It takes about 50 seconds to open the js file.
-
It seems that the links to the 15.0.0.152 msi's still point to the previous version any idea when that will be remediated?
-
After sorting the bookmarks do not stay sorted. why?
After finding the sort feature under view not organize, I sorted them alphabetically. I did this multiple times using both the alphabetic feature and the A-Z feature but they revert to a random order in both the show bookmarks menu and on the bookmar